2. (Customer Data to be collected)
- We collect the following Customer Data:
- ① Name, gender, address, telephone number, place of employment, title, e-mail address, and any other information provided by Customers (whether in writing, electromagnetic record, e-mail, orally, or by any other means);
- ② Usage history, access history, device information and other information related to the use of Services by Customers.
- ③ Internal identifiers that we assign to you and other information that we generate in connection with you; and
- ④ Information collected from a third party which has the appropriate authority to handle customer data through the consent of the customer or other lawful process.
- Provision of a portion of Customer Data is voluntary, but if you do not provide it, you may not be able to use all or part of our Services.
3. (Purpose of use)
- We use Customer Data collected in connection with the provision of our Services for the following purposes:
A. General provision of our Services, etc.
- ① To provide our Services;
- ② To respond to inquiries from Customers;
- ③ To improve and develop our Services;
- ④ To conduct questionnaires regarding our Services(including those to be provided in the future);
- ⑤ To conduct surveys and analysis regarding the usage of our Services;
- ⑥ To send you information about our and our partners’ products, Services, businesses;
- ⑦ To provide important notices regarding our Services and contact Customers as necessary;
- ⑧ To perform contracts with Customers;
- ⑨ To implement information security measures or prevent unauthorized use of our Services;
B. Recruiting activities
- ① To provide information to applicants who have applied for our recruitment and selection process, company information sessions, internships and other recruitment-related events (“Applicants”);
- ② The Applicant’s recruitment and selection procedure (including contact as necessary in the recruitment and selection procedure);
- ③ To manage recruitment operations;
- ④ To respond to inquiries from Applicants;
C. Employee Management
- ① For personnel management, labor management, health and safety management and other employee information management; and
- ② To provide education and training.
- In addition to the preceding paragraph, JMDC may use Customer Data in the following cases;
- ① When the handling of Customer Data is necessary in order to comply with our legal obligations to which we are subject (including reports based on the Drug and Medical Device Safety Information Reporting System, in addition to responses to orders by law enforcement agencies and courts);
- ② When the handling of Customer Data is necessary to protect the vital interests of the customer or a third party;
- ④ When handling is necessary for academic research or digital archiving.
- We may process or statistically process Customer Data so that specific individuals cannot be identified.
- To the extent necessary to achieve the purpose of use, we may entrust all or part of Customer Data to a subcontractor. In such cases, we will thoroughly screen such subcontractor for eligibility and ensure a system for the safe handling of Customer Data.
5. (Provision of Customer Data to Third Parties)
- We will not provide Customer Data to third parties without consent of the customer, except in the following cases;
- ① When required by law;
- ② When it is necessary for the protection of the life, body, or property of an individual and it is difficult to obtain the consent of the individual;
- ③ When it is especially necessary to improve public health or promote the sound growth of children and it is difficult to obtain the consent of the individual concerned;
- ④ When it is necessary to cooperate with a national agency, a local government, or an individual or entity entrusted by either a national agency or local government to execute affairs prescribed by law, and obtaining the consent of the individual is likely to impede the execution of such affairs; or
- ⑤ In the event of a merger, corporate separation, transfer of business, or other such event that results in the succession of the our business, including the provision of Customer Data.
6. (Sharing of Customer Data)
- We will share the Customer Data of corporate customers among Customer Data, limited to information handled in accordance with Article 3.1.A (General provision of our Services, etc.), only when it is necessary within the following scope in accordance with laws and regulations;
- ① Information to be shared: Customer Data specified in Article 2.1 regarding corporate customers
- ② Scope of joint use (“Joint Users”): OMRON Corporation, the JMDC largest shareholder, and its subsidiary companies
- ③ Purpose of use: For the purposes of use specified in Article 3.1.A.
- ④ Responsible party: JMDC Inc. (For other information, please refer to each item of Article 12.2).
- We will share the Customer Data of Applicants among Customer Data, limited to information handled in accordance with Article 3.1.B (Recruiting activities), only when it is necessary within the following scope in accordance with laws and regulations.
- ① Information to be shared: Customer Data specified in Article 2.1 regarding Applicants
- ② Scope of joint use (Joint Users): Each of the JMDC subsidiaries
- ③ Purpose of use: For the purposes of use stipulated in Article 3.1.B.
- ④ Responsible party: JMDC Inc. (For other information, please refer to each item of Article 12.2).
- With respect to the purposes of use in the joint use set forth in the preceding two paragraphs, the term “JMDC ” or “We” shall be read as “Joint Users” and the term “Services” shall be read as “joint user Services”.
7. (Rights of Customers)
- Except in the following cases, you may request us to notify you of the purpose of use, disclose your Customer Data, or correct, add, or delete your Customer Data in accordance with procedures separately established by JMDC. In addition, a fee may be charged for the disclosure of Customer Data in accordance with procedures separately established by JMDC ;
- ① When disclosure may harm the life, body, property, or other rights or interests of the person concerned or a third party;
- ② When there is a risk that disclosure may cause significant hindrance to the proper conduct of our business;
- ③ When disclosure would violate laws and regulations;
- ④ When the identity of the person making the request for disclosure cannot be verified;
- ⑤ Other cases in which we reasonably refuse to comply with the request under applicable laws and regulations.
- Customers may request the correction, addition, or deletion of your Customer Data in accordance with procedures separately established by JMDC. In this case, we will investigate without delay to the extent necessary to achieve the purpose of use, and correct, add, or delete the relevant Customer Data based on the results of the investigation.
- Customers may request that JMDC stop using your Customer Data or stop providing it to third parties in accordance with procedures for disclosure of personal information. In such cases, JMDC will respond appropriately in accordance with applicable laws and regulations.
8. (Safety control measures)
- We will implement the following measures for security management of Customer Data.
1. formulation of basic policy
2. Establishment of rules and regulations concerning the handling of personal information
- JMDC has established rules and regulations for the handling of personal information to ensure that personal information is handled appropriately as an organization.
3. organizational security control measures
- JMDC has established a person responsible for and in charge of the handling of personal information, as well as a reporting and liaison system.
- JMDC has a reporting and communication system in place in the event that a fact or indication of a violation of the Personal Information Protection Law or handling rules is detected.
4. personnel safety control measures
- We provide our employees with training as necessary on points to keep in mind regarding the handling of personal information.
- The confidentiality of personal information is described in the rules and regulations.
5. physical security control measures
- Access control is implemented in areas where personal information is handled.
- Documents containing personal information are kept under lock and key.
- When personal information is deleted or equipment, electronic media, etc. on which personal information is recorded is disposed of, it is done so in a manner that makes it impossible to recover.
6. technical security control measures
- Access control is implemented by identifying and authenticating access persons.
- A system is in place to protect information systems that handle personal information from unauthorized external access or unauthorized software.
- Protection is provided by encryption, passwords, etc.
7. understanding the external environment
- Please refer to Article 9.
9. (Provision of Customer Data to third parties located in foreign countries)
- Except as otherwise provided in individual privacy policies or in Article 11, we will not disclose Customer Data to a third party (including provision by subcontracting) in a foreign country (a country or region outside Japan).
- In the event that Customer Data is provided to a third party located in a foreign country (except as provided in Article 11). Please refer to Handling of Customer Data in foreign countries for the name of the country to which Customer Data is provided and the personal information protection system of the foreign country to which Customer Data is provided.
10. (External Services)
- JMDC will use modules such as Software Development Kits (SDKs) and other external services that handle customer information (“External Services”) provided by third parties may be installed in the Services for the purposes of use as set forth in Article 3.
- With respect to Customer Data handled by other companies through External Services, privacy policies of such third parties regarding the handling of personal information shall apply. When the handling of Customer Data by a third party (excluding the handling by JMDC on behalf of the third party) occurs via External Services (excluding those specified in the following article), JMDC will endeavor to disclose this at External Services.
11. (Using Google Analytics)
- Google may process the Customer Data (as defined in Article 2.1.2) that it collects in the State of California, United States of America to the extent necessary for the use of Google Analytics. For more information about the privacy protection system in the State of California, please refer to here. Our compliance with the applicable privacy protection system of Google is guaranteed by the Google Analytics Terms of Service and other applicable agreements with Google.
- For information of JMDC as a business operator regarding handling of Customer Data, please refer to the following items;
- ① Name: JMDC Corporation
- ② Address: Sumitomo Shiba Daimon Building 12F, 2-5-5 Shiba Daimon, Minato-ku, Tokyo
- ③ Representative: Ryo Noguchi, President and CEO
- ④ Chief Privacy Officer: Masatoshi Adachi, Chief Data Protection Officer/CDPO
Last revised date September 20, 2023